<?php
	include('secure_db.php');
	session_start();
	
if(isset($_POST['Password']) AND isset($_POST['Login'])){
		include("connection_mysqli.php");
		
		$req=$connexion->prepare('SELECT email,name,firstname,favoritestore,password FROM Client WHERE login=?');
		$req->bind_param("s",$val1);
		$val1= Secure::db($_POST['Login']);

		$result=$req->execute();
		$req->bind_result($col1,$col2,$col3,$col4,$col5);
		
		/*verif result*/
		if (!$req) {
			die('Could not query' . mysql_error());
			echo("fail !req");
		}
		
		/*fetch data*/
		$ok=0;
		while ($donnees = $req->fetch()){
			if(crypt(Secure::db($_POST['Password']),$col5)==$col5){
			$ok=1;
			$_SESSION['login'] = $val1;
			$_SESSION['email'] = $col1;
			$_SESSION['name'] =$col2;
			$_SESSION['firstname'] =$col3;
			$_SESSION['favoritestore']=$col4;
			$_SESSION['panier']='';
			$_SESSION['clientonline']=true;
			$_SESSION['storeonline']=false;
			
			
			
			}
		}
		$req->close();
		$connexion->close();
		
		if($ok==0){
			header('Locartion: accueil.php');
		}else{
			header('Location: client-mypage.php');
		}
}
else{
	header('Location: accueil.php');
}

?>
